April 2008 Archives by author
Starting: Tue Apr 1 11:02:23 EDT 2008
Ending: Wed Apr 30 14:42:14 EDT 2008
Messages: 234
- [nsp-sec] How to hijack traffic for an entire Content/AdCompany - ARP Poisoning revisited - 8800.org / 6600.org badness
Dario Ciccarone (dciccaro)
- [nsp-sec] 48 hour vetting: Liban Mohamed (Sprint, AS1239)
Ryan Mcdowell (rymcdowe)
- [nsp-sec] ACK 2586, 3221, 3249, 3327, 13272, 39823 12k probably compromised FTP accounts
Hillar Aarelaid
- [nsp-sec] [stratfor] Cyberwarfare 101: Case Study of a Textbook Attack
Hillar Aarelaid
- [nsp-sec] Bounce message backscatter attack against abuse mailbox
Hillar Aarelaid
- [nsp-sec] 48 hour vetting: Dave Monnier (Team Cymru, AS23028)
Brian Allen
- [nsp-sec] www-fme.upc.edu contact?
Brian Allen
- [nsp-sec] Contact at Shaw?
Lawrence Baldwin
- [nsp-sec] SYN-ACK backscatter from 60.191.221.41:7000
Patrick Bergen
- [nsp-sec] SYN-ACK backscatter from 60.191.221.41:7000
Patrick Bergen
- [nsp-sec] Bounce message backscatter attack against abuse mailbox
Larry J. Blunk
- [nsp-sec] Bounce message backscatter attack against abuse mailbox
Larry J. Blunk
- [nsp-sec] ACK 3303 12k probably compromised FTP accounts
Jan Boogman
- [nsp-sec] 12k probably compromised FTP accounts
Dave Burke
- [nsp-sec] ACK AS852 RE: 6k probably compromised FTP accounts
Chris Calvert
- [nsp-sec] ACK AS852 - RE: New storm worm run - peerlist
Chris Calvert
- [nsp-sec] 66.139.78.164 = C&C?
Chris Calvert
- [nsp-sec] Contact at Shaw?
Chris Calvert
- [nsp-sec] List of 297 sites vulnerable to PHP RFI
Jason Chambers
- [nsp-sec] [nevermind..] List of 297 sites vulnerable to PHP RFI
Jason Chambers
- [nsp-sec] SYN-ACK backscatter from 60.191.221.41:7000
Jason Chambers
- [nsp-sec] UDP attack at 62.44.69.98 - looking for C&C
Steve Colam
- [nsp-sec] 12k probably compromised FTP accounts
Steve Colam
- [nsp-sec] UDP attack at 62.44.69.98 - looking for C&C
Steve Colam
- [nsp-sec] www-fme.upc.edu contact?
Francisco Jesus Monserrat Coll
- [nsp-sec] 48 hour vetting: Dave Monnier (Team Cymru, AS23028)
Phillip G Deneault
- [nsp-sec] looking for contact at TMN.PT, AS42863
Gert Doering
- [nsp-sec] dlink router worm or dlink compromise leads to infectedPCs?
Sean Donelan
- [nsp-sec] AS26496: Malware distribution site
Serge Droz
- [nsp-sec] 48 hour vetting: Torsten Voss (DFN-CERT)
Serge Droz
- [nsp-sec] DDoS possibly towards 212.224.127.14
Serge Droz
- [nsp-sec] DDoS possibly towards 212.224.127.14
Serge Droz
- [nsp-sec] Ping Comcast & Roadrunner
Serge Droz
- [nsp-sec] NACK for AS217 Re: 12k probably compromised FTP accounts
Brian Eckman
- [nsp-sec] NACK for AS217 Re: 12k probably compromised FTP accounts
Brian Eckman
- [nsp-sec] [ OT ] MacOS X malware
Brian Eckman
- [nsp-sec] SYN-ACK backscatter from 60.191.221.41:7000
Brian Eckman
- [nsp-sec] Large injection AS4134, lots of upstreams (AS4812 also involved)
Brian Eckman
- [nsp-sec] Large injection AS4134, lots of upstreams (AS4812 also involved)
Brian Eckman
- [nsp-sec] DDoS to Joomla site
Nicolas FISCHBACH
- [nsp-sec] DDoS possibly towards 212.224.127.14
Nicolas FISCHBACH
- [nsp-sec] 12k probably compromised FTP accounts
Tom Fischer
- [nsp-sec] 6k probably compromised FTP accounts
Tom Fischer
- [nsp-sec] RFE ddos details
Tom Fischer
- [nsp-sec] 12k probably compromised FTP accounts
John Fraizer
- [nsp-sec] [ OT ] MacOS X malware
John Fraizer
- [nsp-sec] [ OT ] MacOS X malware
John Fraizer
- [nsp-sec] Attack agains 208.100.5.32 & 72.20.34.135
John Fraizer
- [nsp-sec] Traffic rates drop 7;15a last two days?
John Fraizer
- [nsp-sec] SYN-ACK backscatter from 60.191.221.41:7000
John Fraizer
- [nsp-sec] [ OT ] MacOS X malware
David Freedman
- [nsp-sec] ACK for AS8426 Re: 12k probably compromised FTP accounts
David Freedman
- [nsp-sec] ACK AS8426 RE: 6k probably compromised FTP accounts
David Freedman
- [nsp-sec] 48 hour vetting: Liban Mohamed (Sprint, AS1239)
Jason Gardiner
- [nsp-sec] Increased in HP OV NMM scanning (tcp/2954)
Rolf Gartmann
- [nsp-sec] New storm worm run - peerlist
Stephen Gill
- [nsp-sec] Increased in HP OV NMM scanning (tcp/2954)
Gong, Yiming
- [nsp-sec] Large injection AS4134, lots of upstreams
Gong, Yiming
- [nsp-sec] Large injection AS4134, lots of upstreams (AS4812 also involved)
Gong, Yiming
- [nsp-sec] Large injection AS4134, lots of upstreams (AS4812 also involved)
Gong, Yiming
- [nsp-sec] 48 hour vetting: Torsten Voss (DFN-CERT)
Peter Haag
- [nsp-sec] 48 hour vetting: Dave Monnier (Team Cymru, AS23028)
Seth Hall
- [nsp-sec] Trusted contact at Telekenex (AS32035)?
Seth Hall
- [nsp-sec] ACK AS12994, 2116, 25351, 29486, 34989, 39783, 42400, 5381 12k probably compromised FTP accounts
Anders Hardangen
- [nsp-sec] ACK 8928 RE: 12k probably compromised FTP accounts
Mike Hellers
- [nsp-sec] NACK 7992 RE: 6k probably compromised FTP accounts
Krista Hickey
- [nsp-sec] NACK 7992 RE: 6k probably compromised FTP accounts
Krista Hickey
- [nsp-sec] FW: DSL reports under ddos -- C&C info - AS 9121 (TR)
Krista Hickey
- [nsp-sec] Bounce message backscatter attack against abusemailbox
Krista Hickey
- [nsp-sec] ACK 109 Re: 12k probably compromised FTP accounts
Chip Ho
- [nsp-sec] Heads-Up - Dalai Lama Live Webcasts
Michael Hornung
- [nsp-sec] Traffic rates drop 7;15a last two days?
Mike Hughes
- [nsp-sec] Bounce message backscatter attack against abuse mailbox
Mike Hughes
- [nsp-sec] UDP DDoS Attack against 80.65.160.10 (AS21196) - not spoofed
Nicholas Ianelli
- [nsp-sec] 12k probably compromised FTP accounts
Gabriel Iovino
- [nsp-sec] Looking for Princeton Contact: 140.180.160.170
Gabriel Iovino
- [nsp-sec] New storm worm run - peerlist
Gabriel Iovino
- [nsp-sec] Phishing
Rodney Joffe
- [nsp-sec] ACK 19029, informed 4355 12k probably compromised FTP accounts
Johnson, Ron
- [nsp-sec] ACK 6830 - Re: 12k probably compromised FTP accounts
Stijn Jonker
- [nsp-sec] Ping AS19463 / AS6582 Active phishing
Stijn Jonker
- [nsp-sec] 12k probably compromised FTP accounts
Eronen Juhani
- [nsp-sec] ACK 3561 12k probably compromised FTP accounts
Kistler, Kris
- [nsp-sec] ACK 224 12k probably compromised FTP accounts
Morten Knutsen
- [nsp-sec] 48 hour vetting: Barry Greene (Juniper - yes, really, Juniper)
John Kristoff
- [nsp-sec] ASN 25653
Aaron Lafferty
- [nsp-sec] Bounce message backscatter attack against abuse mailbox
Arttu Lehmuskallio
- [nsp-sec] Bounce message backscatter attack against abuse mailbox
Mike Lewinski
- [nsp-sec] Trying to report a phishing URL without success
Neil Long
- [nsp-sec] 48 hour vetting: Dave Monnier (Team Cymru, AS23028)
Neil Long
- [nsp-sec] AS 21844 - phishing site
Neil Long
- [nsp-sec] Bounce message backscatter attack against abuse mailbox
Andreas Lorentzen
- [nsp-sec] 48 hour vetting: Barry Greene (Juniper - yes, really, Juniper)
Kevin Maher
- [nsp-sec] Traffic rates drop 7;15a last two days?
JR Mayberry
- [nsp-sec] 12k probably compromised FTP accounts
Matthew McGlashan
- [nsp-sec] 48 hour vetting: Torsten Voss (DFN-CERT)
Scott A. McIntyre
- [nsp-sec] 48 hour vetting: Dave Monnier (Team Cymru, AS23028)
Scott A. McIntyre
- [nsp-sec] 48 hour vetting: Dave Monnier (Team Cymru, AS23028)
Scott A. McIntyre
- [nsp-sec] Fwd: nsp-security subscription notification
Scott A. McIntyre
- [nsp-sec] Fwd: nsp-security subscription notification
Scott A. McIntyre
- [nsp-sec] 48 hour vetting: Liban Mohamed (Sprint, AS1239)
Scott A. McIntyre
- [nsp-sec] 48 hour vetting: Barry Greene (Juniper - yes, really, Juniper)
Scott A. McIntyre
- [nsp-sec] 48 hour vetting: Barry Greene (Juniper - yes, really, Juniper)
Scott A. McIntyre
- [nsp-sec] 48 hour vetting: Gurmeet Singh (TATA (formerly VSNL))
Scott A. McIntyre
- [nsp-sec] How to hijack traffic for an entire Content/Ad Company - ARP Poisoning revisited - 8800.org / 6600.org badness
Danny McPherson
- [nsp-sec] Traffic rates drop 7;15a last two days?
Danny McPherson
- [nsp-sec] 48 hour vetting: Barry Greene (Juniper - yes, really, Juniper)
Danny McPherson
- [nsp-sec] 12k probably compromised FTP accounts
Par Osterberg Medina
- [nsp-sec] 48 hour vetting: Barry Greene (Juniper - yes, really, Juniper)
Dave Mitchell
- [nsp-sec] new storm worm campaign - april fool's day
Klaus Moeller
- [nsp-sec] 12k probably compromised FTP accounts
Klaus Moeller
- [nsp-sec] 48 hour vetting: Torsten Voss (DFN-CERT)
Klaus Moeller
- [nsp-sec] 12k probably compromised FTP accounts
Peter Moody
- [nsp-sec] Heads-up Google: McColo Driven Botnet pushing Pharmacy spam though GMail
Peter Moody
- [nsp-sec] [ OT ] MacOS X malware
Chris Morrow
- [nsp-sec] [ OT ] MacOS X malware
Chris Morrow
- [nsp-sec] NACK 7992 RE: 6k probably compromised FTP accounts
Chris Morrow
- [nsp-sec] FW: DSL reports under ddos -- C&C info - AS 9121 (TR)
Chris Morrow
- [nsp-sec] SWISSCOM - 3303 help pls?
Chris Morrow
- [nsp-sec] Phishing
Chris Morrow
- [nsp-sec] 48 hour vetting: Barry Greene (Juniper - yes, really, Juniper)
Chris Morrow
- [nsp-sec] 48 hour vetting: Gurmeet Singh (TATA (formerly VSNL))
Chris Morrow
- [nsp-sec] Attack agains 208.100.5.32 & 72.20.34.135
Jose Nazario
- [nsp-sec] FW: DSL reports under ddos -- C&C info - AS 9121 (TR)
Jose Nazario
- [nsp-sec] FW: DSL reports under ddos -- C&C info - AS 9121 (TR)
Jose Nazario
- [nsp-sec] DSL Reports DDoS info - bot reports
Jose Nazario
- [nsp-sec] DDoS possibly towards 212.224.127.14
Jose Nazario
- [nsp-sec] 66.139.78.164 = C&C?
Jose Nazario
- [nsp-sec] Increased in HP OV NMM scanning (tcp/2954)
Jose Nazario
- [nsp-sec] [stratfor] Cyberwarfare 101: Case Study of a Textbook Attack
Jose Nazario
- [nsp-sec] [stratfor] Cyberwarfare 101: Case Study of a Textbook Attack
Jose Nazario
- [nsp-sec] SSH bruter results
Jose Nazario
- [nsp-sec] SSH bruter results
Jose Nazario
- [nsp-sec] via dark visitor - cnn ddos called off?
Jose Nazario
- [nsp-sec] netbot attacker - now with CNN flavor
Jose Nazario
- [nsp-sec] RFE ddos details
Jose Nazario
- [nsp-sec] ACK 378, 1680, 5486, 8551, 8584, 9116, 12k probably compromised FTP accounts
Hank Nussbacher
- [nsp-sec] Web page can take over your router
Hank Nussbacher
- [nsp-sec] Web page can take over your router
Hank Nussbacher
- [nsp-sec] Contact at Shaw?
Hank Nussbacher
- [nsp-sec] 48 hour vetting: Barry Greene (Juniper - yes, really, Juniper)
Hank Nussbacher
- [nsp-sec] Anyone from Yahoo! about?
Zoe O'Connell
- [nsp-sec] 12k probably compromised FTP accounts
Ryan Pavely
- [nsp-sec] 12k probably compromised FTP accounts
Pawloski, Kevin
- [nsp-sec] Any contact at Northwestern Memorial Hospital Ontario?
SURFcert - Peter
- [nsp-sec] SSH bruter results
SURFcert - Peter
- [nsp-sec] Contact at afosr.af.mil?
Peter Peters
- [nsp-sec] [ OT ] MacOS X malware
Joel Rosenblatt
- [nsp-sec] Increased in HP OV NMM scanning (tcp/2954)
Joel Rosenblatt
- [nsp-sec] Increased in HP OV NMM scanning (tcp/2954)
Joel Rosenblatt
- [nsp-sec] 48 hour vetting: Barry Greene (Juniper - yes, really, Juniper)
William Salusky
- [nsp-sec] 12k probably compromised FTP accounts
Tom Sands
- [nsp-sec] Attn: Rackspace UK (ASN 15395)
Tom Sands
- [nsp-sec] 48 hour vetting: Torsten Voss (DFN-CERT)
Thomas Schmid
- [nsp-sec] Heads-Up - Dalai Lama Live Webcasts
Daniel Schwalbe
- [nsp-sec] Heads-Up - Dalai Lama Live Webcasts
Daniel Schwalbe
- [nsp-sec] ACK 174 RE: SSH bruter results
Shelton, Steve
- [nsp-sec] ACK 174 RE: Large injection AS4134, lots of upstreams
Shelton, Steve
- [nsp-sec] netbot attacker - now with CNN flavor
Shelton, Steve
- [nsp-sec] SYN-ACK backscatter from 60.191.221.41:7000
Michael Sinatra
- [nsp-sec] SYN-ACK backscatter from 60.191.221.41:7000
Michael Sinatra
- [nsp-sec] [ OT ] MacOS X malware
Smith, Donald
- [nsp-sec] new storm worm peer list.
Smith, Donald
- [nsp-sec] Level 3 routing loop in new york?
Smith, Donald
- [nsp-sec] Yahoo email contact?
Smith, Donald
- [nsp-sec] dlink router worm or dlink compromise leads to infectedPCs?
Smith, Donald
- [nsp-sec] dlink router worm or dlink compromise leads toinfectedPCs?
Smith, Donald
- [nsp-sec] Heads-Up - Dalai Lama Live Webcasts
Smith, Donald
- [nsp-sec] Hubble the blackhole finder
Smith, Donald
- [nsp-sec] Increased in HP OV NMM scanning (tcp/2954)
Smith, Donald
- [nsp-sec] Increased in HP OV NMM scanning (tcp/2954)
Smith, Donald
- [nsp-sec] Increased in HP OV NMM scanning from AS 29802 Upstreams AS 174 and 3549 (cogent and GBLX).
Smith, Donald
- [nsp-sec] Large injection AS4134, lots of upstreams
Smith, Donald
- [nsp-sec] UDP attack at 62.44.69.98 - looking for C&C
Smith, Donald
- [nsp-sec] 48 hour vetting: Barry Greene (Juniper - yes, really, Juniper)
Smith, Donald
- [nsp-sec] DDoS to Joomla site
Alfredo Sola
- [nsp-sec] DDoS to Joomla site
Alfredo Sola
- [nsp-sec] DDoS to Joomla site
Alfredo Sola
- [nsp-sec] DDoS to Joomla site
Alfredo Sola
- [nsp-sec] Bounce message backscatter attack against abuse mailbox
Steven Spence
- [nsp-sec] looking for CAVTEL.com contact=?
Christoph Sprongl
- [nsp-sec] Ping AS19463 / AS6582 Active phishing
Christoph Sprongl
- [nsp-sec] identity theft - AS12570
Christoph Sprongl
- [nsp-sec] UDP DDoS Attack against 80.65.160.10 (AS21196) - not spoofed
Macleonard Starkey
- [nsp-sec] 2914 ACK'd Re: 12k probably compromised FTP accounts
Tino Steward
- [nsp-sec] ACK 2914 Re: 12k probably compromised FTP accounts
Tino Steward
- [nsp-sec] 2914 ack'd Re: 6k probably compromised FTP accounts
Tino Steward
- [nsp-sec] ACK: Re: 12k probably compromised FTP accounts
Justin M. Streiner
- [nsp-sec] ACK: Re: 6k probably compromised FTP accounts
Justin M. Streiner
- [nsp-sec] Traffic rates drop 7;15a last two days?
Sweeney, William- CIPS
- [nsp-sec] Traffic rates drop 7;15a last two days?
Mike Tancsa
- [nsp-sec] New storm worm run - peerlist
Philip Taylor
- [nsp-sec] [ OT ] MacOS X malware
Rob Thomas
- [nsp-sec] [ OT ] MacOS X malware
Rob Thomas
- [nsp-sec] [ OT ] MacOS X malware
Rob Thomas
- [nsp-sec] Increased in HP OV NMM scanning (tcp/2954)
Rob Thomas
- [nsp-sec] Increased in HP OV NMM scanning (tcp/2954)
Rob Thomas
- [nsp-sec] Increased in HP OV NMM scanning (tcp/2954)
Rob Thomas
- [nsp-sec] SYN-ACK backscatter from 60.191.221.41:7000
Rob Thomas
- [nsp-sec] 48 hour vetting: Barry Greene (Juniper - yes, really, Juniper)
Rob Thomas
- [nsp-sec] Looking for Princeton Contact: 140.180.160.170
David Ulevitch
- [nsp-sec] 6k probably compromised FTP accounts
Marius Urkis
- [nsp-sec] Phedophile website advertised by spam, heads up Yahoo!
Guilherme Venere
- [nsp-sec] Bounce message backscatter attack against abuse mailbox
Guilherme Venere
- [nsp-sec] NACK for AS217 Re: 12k probably compromised FTP accounts
Florian Weimer
- [nsp-sec] Bounce message backscatter attack against abuse mailbox
Florian Weimer
- [nsp-sec] DNS flow data
Florian Weimer
- [nsp-sec] Attn: Rackspace UK (ASN 15395)
White, Gerard
- [nsp-sec] Attn: Rackspace UK (ASN 15395)
White, Gerard
- [nsp-sec] 48 hour vetting: Dave Monnier (Team Cymru, AS23028)
White, Gerard
- [nsp-sec] 66.139.78.164 = C&C? -> Bonus Info
White, Gerard
- [nsp-sec] Heads-Up - Dalai Lama Live Webcasts
White, Gerard
- [nsp-sec] Heads-up Google: McColo Driven Botnet pushing Pharmacy spam though GMail
White, Gerard
- [nsp-sec] Bounce message backscatter attack against abuse mailbox
Fredrik Widell
- [nsp-sec] Daily Reports Summary for week ending 2008-04-07
Tim Wilde
- [nsp-sec] 48 hour vetting: Dave Monnier (Team Cymru, AS23028)
Tim Wilde
- [nsp-sec] Daily Reports Summary for week ending 2008-04-14
Tim Wilde
- [nsp-sec] Daily Reports Summary for week ending 2008-04-21
Tim Wilde
- [nsp-sec] Daily Reports Summary for week ending 2008-04-28
Tim Wilde
- [nsp-sec] ACK: Re: 12k probably compromised FTP accounts
Matsuzaki Yoshinobu
- [nsp-sec] NACK for AS2572 Re: 12k probably compromised FTP accounts
Young, Beth A.
- [nsp-sec] 12k probably compromised FTP accounts
claude.labbe at bell.ca
- [nsp-sec] Increased in HP OV NMM scanning (tcp/2954)
david.harcourt at bt.com
- [nsp-sec] 12k probably compromised FTP accounts - ACK
nishal goburdhan
- [nsp-sec] New storm worm run - peerlist
jose nazario
- [nsp-sec] Increased in HP OV NMM scanning (tcp/2954)
jose nazario
- [nsp-sec] IceKernel DDOS bot
jose nazario
- [nsp-sec] Trying to report a phishing URL without success
sthaug at nethelp.no
- [nsp-sec] ACK 2116 Re: 12k probably compromised FTP accounts
sthaug at nethelp.no
- [nsp-sec] ACK 2116 Re: 6k probably compromised FTP accounts
sthaug at nethelp.no
- [nsp-sec] ACK6805 12k probably compromised FTP accounts
Henner.Vogt at telefonica.de
- [nsp-sec] ACK 2119,12k probably compromised FTP accounts
bjorn.jensen at telenor.com
- [nsp-sec] Increased in HP OV NMM scanning (tcp/2954)
Matthew.Swaar at us-cert.gov
- [nsp-sec] SYN-ACK backscatter from 60.191.221.41:7000
Matthew.Swaar at us-cert.gov
Last message date:
Wed Apr 30 14:42:14 EDT 2008
Archived on: Thu Jan 22 18:51:58 EST 2015
This archive was generated by
Pipermail 0.09 (Mailman edition).